Step 1: Prepare the mandatory profile location
On a central file server, create a new folder or use an existing folder that you use for roaming user profiles. For example, you can use the following folder name "Profiles":
If you are creating a new folder, share the folder by using a name that is suitable for your organization.
Note The share permissions for shared folders that contain roaming user profiles must enable Full Control permissions for the Authenticated Users group. The share permissions for folders that are dedicated to storing mandatory user profiles should enable Read permissions for the Authenticated Users group and enable Full Control permissions for the Administrators group.
Create a new folder in the folder that is created or identified in step 1a. The name of this new folder should start with the logon name of the user account if the mandatory user profile is for a specific user. If the mandatory user profile is for more than one user, name it accordingly. For example, the following domain has a mandatory profile, and the folder name begins with the word "mandatory":
Finish naming the folder by adding .v2 after the name. The example that is used in step 1c has the folder name "mandatory." Therefore, the final name of the following folder for this user is "mandatory.v2":
Step 2: Copy the default user profile to the mandatory profile location
Log on to the computer that has the customized local default user profile by using an account that has administrative credentials.
Click Start from the Start menu, right-click Computer, click Properties, and then click Advanced System Settings.
Under User Profiles, click Settings. The User Profiles dialog box shows a list of profiles that are stored on the computer.
Select Default Profile, and then click Copy To.
In the Copy profile to text box, type the network path of the Windows default user folder that you created in the "step 1: Prepare the mandatory profile location" section. For example, type the following path:
Under Permitted to use, click Change, type the name Everyone, and then click OK.
Click OK to start to copy the profile.
Log off the computer when the copying process is completed.
On the central file server, locate the folder that you created in the "step 1: Prepare the mandatory profile location" section."
Click Organize, and then click Folder options.
Click the View tab, click to select the Show hidden files and folders check box, click to clear the Hide extensions for known file types check box, click to clear the Hide protected operating system files check box, click Yes to dismiss the warning, and then click OK to apply the changes and close the dialog box.
Locate and right-click the NTUSER.DAT file, click Rename, change the name of the file to NTUSER.MAN, and then press ENTER.
Note Previously it was possible to copy profiles by using the System Control Panel item. This copy to default profile option is now disabled as it could add data that made the profile unusable.
Step3: Prepare a user account
As a domain administrator, open the Active Directory Users and Computers management console from a Windows Server 2008 R2 or Windows Server 2008 computer.
Right-click the user account to which you want to apply the mandatory user profile, and then click Properties.
Click the Profile tab, type the network path that you created in the "step 1: Prepare the mandatory profile location" section in the profile path text box. However, do not add ".v2" at the end. In our example, the path would be as follows:
Click OK, and then close the Active Directory Users and Computers management console.